The Internet

Definition

The "Internet" is a term used for a loose, decentralized and world-wide network of computers, which allows for almost instant communication from any one machine to any other machine, anywhere in the world. It is the world-wide equivalent of the local area networks that have been around for a while. The Internet is fairly new, but not as new as many think. It has been widely used by scientists and engineers for at least 15 years.

A lot of people don't realize it yet, but the Internet is the greatest thing that has happened to democracy and freedom of speech since the Bill of Rights. Here is finally a medium, which allows anybody to communicate with anybody, anywhere in the world, in a quick, practical and convenient manner.

It is also a great way to find information. It is like a giant library at anybody's fingertips. It is also a great medium for commerce and entertainment. While today, the Internet is still mostly used to communicate written words and still images (video and sound don't work too well real-time, yet), dramatic improvements in technology will soon transform it into a universal medium for high-quality images, video, sound and conferencing.

Right now, sex is probably still the main thing that sells on the web (although that is changing quickly). It could even be said that the desire for uncensored access to material of a sexual nature has fueled a lot of the early technical developments making the Web what it is today.

This is not surprising or unusual. Sex has always been an enabler of new technologies. One of the great uses of photography when it was first invented and commercialized, was to produce "pin-up" pictures of women, which soldiers of the Civil War took with them to the battles. When the VCR was first invented, it was initially mostly used by people wishing to watch pornographic movies in the privacy of their homes. When camcorders first came out, people started taping their sexual experiences, without the embarrassment of having to have film developed.

As far a sex is concerned, the Internet offers:

• easy access
• anonymity
• variety
• information and discussion
• it is consistent with today's fear of sexually transmitted diseases

The only thing the cannot provide, is the real thing. That is why personally, I don't find cybersex terribly appealing. I think it is great that people enjoy writing each other dirty messages, I think it is great that they are able to watch pictures of naked people or acrobatic sex acts, but in the end, it is just a poor substitute for people who don't want to go out and meet real other people. As a result, my use of the Internet is still pretty much limited to scientific work, research, E-mail, publishing and some home shopping.

Encryption is the practice of encoding the messages or information sent over the Internet, in a unique way, so that only the sender and the recipient can read the information. Encryption ensures privacy of the communication, because anyone else who would intercept the message, would be unable to read it.

Encryption can be done in many ways, but practical encryption generally boils down to two components:

• An algorithm
• A key

The algorithm is the "method" used to transform the message. The algorithm is typically known to the public (at least to people who specialize in that area). The algorithm is a piece of software that actually performs the encryption.

The key is a string of data (numbers, if you will), which is plugged into the algorithm, together with the message. The message and the key are then combined in a sophisticated way, and what comes out appears unintelligible (or "random"). The way to recover (or "decrypt") the message again, is to know the key and run the inverse algorithm. In principle, only the recipient of the message should be able to do that, because nobody else but the sender and recipient knows the key.

That is in principle. In practice, truly safe encryption is hard to implement. In other words, it is often possible for third parties to analyze your message, and "break" the encryption. That means, even if they do not know the key, they can still decode the message. It may not be easy, it may require encryption specialists and supercomputers in some cases, but it can often be done.

A lot of work has been done in the area, and some truly safe algorithms have been developed, i.e. algorithms that are hard to break. Examples are the DES and SSL algorithms. But the algorithms are only safe if the key is long enough. In other words, the longer the keys that are used (expressed in number of bits), the safer the algorithm becomes.

So, on the face of it, encryption would be a desirable thing. It guarantees privacy, and is that not what everybody wants? Privacy means that when you transmit your credit card number over the web, crooks cannot intercept it. It also guarantees that if you send some naked or compromising pictures of yourself to someone, nobody can intercept them and publish them. (Think of Pamela Anderson Lee...)

So you would think that everybody should use encryption, at least for the more personal stuff, or stuff of a sexual nature, which always carries some risk that it could some day be used against you (think of Clinton). In addition, you would think that everybody should use the longest possible keys, so no unintended recipient can possibly decode your message.

Wrong! The government won't let you. At least not quite. The government is extremely nervous about encryption, which is kind of interesting, because one would think that the only reason to object to encryption, would be if the government wanted to eavesdrop on the electronic communication of private citizens.

The reason the government cites, is that law enforcement has to be able to gain access to communications to solve criminal cases. Examples that are given, are

• Cases involving national security
• Drug cases (note how the war on drugs consistently seems to come in the way of personal freedom and privacy)

So, the government limits what encryption people can use. However, the debate is still raging. Nowadays, "good encryption" is considered 128 bits. The government maintains that algorithms using 128 bits cannot possibly be broken by anyone. Therefore, the government encourages domestic use of 128 bit algorithms. Until a few months ago, when a computer programmer in the Silicon Valley actually broke an encrypted message using 128 bits DES.

At the same time, there is a law which makes it illegal to export "strong encryption" algorithms abroad. There are some funny things about this law.

• The strong encryption algorithms are known abroad anyway. Actually, courses on the subject are taught in universities around the world, and textbooks can be bought.
• Some popular software uses these "strong encryption" algorithms, for domestic use. Examples are Netscape, Microsoft Explorer and America Online. A lot of people have that software installed on their laptop computers without really worrying about it (who reads the fine print when you buy software anyway). But if you take your laptop with you on a trip to Europe, you break the law and expose yourself to a possible jail sentence!

Why is the Debate on Encryption Rather Trivial?

Encryption algorithms are not that hard to implement. They are well known, and you can buy some excellent books on the subject. Any good programmer, e.g. a student working on a BS in computer science, can program a DES algorithm on his PC, with as many bits of key length as you want. What is even more interesting, is that those same algorithms are known abroad (the same books can be bought totally legally abroad, provided they do not contain a floppy with the actual software in it).

What that means, is that any criminal organization, either in the US or abroad, can very easily gain access to a strong encryption algorithm. So strong actually, that it would seem almost impossible to break, even by the CIA or NSA.

On the other hand, normal citizens are limited by law to "weak" or "not really that strong" encryption. This means that somewhat sophisticated criminal organizations can probably break the code you use, and possibly do so in order to commit fraud or blackmail.

The conclusion of all this, is that legislation in the encryption area, the way it is envisioned now:

• will probably not hinder criminals who want to effectively conceal information
• might help criminals who want to abuse information
• might hurt the ordinary citizen who thought his information was safe

A good Analysis of Encryption Policy Issues